[cabfpub] FW: Short lived OCSP signing certificate

Ryan Sleevi sleevi at google.com
Thu Sep 20 17:52:10 UTC 2012

On Thu, Sep 20, 2012 at 8:51 AM, Rich Smith <richard.smith at comodo.com> wrote:
> I’d like to hear from the browsers on this.  IMO if they are not going to change the behavior to hard fail on expiration then there is really no point in even continuing to discuss short lived certs as a solution to the revocation problem.
> -Rich

Even if they change behaviour - and for short-lived certs, this is
probably reasonable - what about the existing deployed clients and
browsers that are no longer being updated?

More information about the Public mailing list